Malicious app BankMirage makes quick appearance in Google Play

Researchers at Lookout found the malware, which masqueraded as a legitimate banking app for customers of an Israeli bank.

It appears that saboteurs, who slipped a malicious app into the Google Play store, were testing their malware out on unsuspecting users, researchers found.

The malware, called BankMirage, masqueraded as a legitimate banking app for customers of Mizrahi Bank in Israel. After going undetected a few days in the official app store for Android users, however, researchers at security firm Lookout became privy to the scheme.

In a Tuesday blog post, the company revealed that they notified Google of the threat, and that the tech giant immediately removed the malicious app.

Once users downloaded BankMirage, it loaded an in-app login form designed to steal victims' user IDs, the blog post said.

In a Wednesday interview, Jeremy Linden, senior security product manager at Lookout, told SCMagazine.com that miscreants may have been experimenting with the malware's features– which could explain why users' passwords were not up for grabs.

“One possibility is they were testing [the malware] functionalities, and they were going to then add the actual malicious functionality,” Linden said.

He added that, in this instance, user IDs for the app were not email addresses, a scenario which may have presented an opportunity for future phishing attacks.

Techscape is SC Media’s content marketing platform. Industry experts share their views in the following categories

Partner Content is sponsored content brought to you by a vendor

Content Lab is editorial content produced by SC Media on behalf of a vendor

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.